4666 matches found
CVE-2024-37526 IBM Watson Query on Cloud Pak for Data information disclosure
IBM Watson Query on Cloud Pak for Data IBM Data Virtualization 1.8, 2.0, 2.1, 2.2, and 3.0.0 could allow an authenticated user to obtain sensitive information from objects published using Watson Query due to an improper data protection mechanism...
CVE-2025-24092
This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to read sensitive location information...
CVE-2025-24092
CVE-2025-24092 affects macOS—Specifically macOS Sonoma 14.7.3 and macOS Sequoia 15.3—where an app could read sensitive location information due to a data-protection weakness. Apple and NVD entries confirm fixed versions: Sonoma 14.7.3 and Sequoia 15.3 implement the patch. The incident is describe...
CVE-2025-24092
This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to read sensitive location information...
CVE-2024-54547
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An app may be able to access protected user data...
CVE-2025-24108
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.3. An app may be able to access protected user data...
CVE-2024-38320
IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...
CVE-2024-38320 IBM Storage Protect for Virtual Environments: Data Protection for VMware information disclosure
IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...
CVE-2024-38320 IBM Storage Protect for Virtual Environments: Data Protection for VMware information disclosure
IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...
CVE-2024-38320
Summary: CVE-2024-38320 affects IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client. Affected versions: 8.1.0.0 through 8.1.23.0. Root cause / vulnerability: Uses weaker than expected cryptographic algorithms that could allow an attac...
Three privacy rules for 2025 (Lock and Code S06E02)
This week on the Lock and Code podcast… It’s Data Privacy Week right now, and that means, for the most part, that you’re going to see a lot of well-intentioned but clumsy information online about how to protect your data privacy. You’ll see articles about iPhone settings. You’ll hear acronyms for...
PT-2025-3036 · Apple · Ios +2
Name of the Vulnerable Software and Affected Versions: watchOS versions prior to 11.2 iOS versions prior to 18.2 iPadOS versions prior to 18.2 Description: The issue is related to insufficient protection of service data in the Face Gallery component of watchOS, iOS, and iPadOS operating systems. ...
Apple macOS 安全漏洞
Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS version 15.3, which stems from an application that may be able to access protected user data...
The vulnerability of SAP NetWeaver AS ABAP and SAP ABAP Platform integration platforms, related to insufficient protection of operational data, allows attackers to gain unauthorized access to protected information.
The vulnerability of SAP NetWeaver AS ABAP and SAP ABAP Platform integration platforms is related to insufficient protection of operational data. Exploiting this vulnerability can allow unauthorized actors to gain unauthorized access to protected information...
The vulnerability in the dllog.cgi script of D-Link DIR-878 microprogramming devices allows a hacker to gain unauthorized access to protected information.
The vulnerability of the dllog.cg script in D-Link DIR-878 router microprogramming software is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the SAP NetWeaver Virus Scan Interface (NW-VSI) programming integration platform for SAP NetWeaver Application Server ABAP and ABAP Platform allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the SAP NetWeaver Virus Scan Interface NW-VSI software integration platform for SAP NetWeaver Application Server ABAP and ABAP Platform is related to a flaw in the data protection mechanism. Exploiting this vulnerability allows an attacker to compromise the confidentiality,...
CVE-2025-24591
Missing Authorization vulnerability in NinjaTeam GDPR CCPA Compliance Support allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GDPR CCPA Compliance Support: from n/a through 2.7.1...
WordPress GDPR CCPA Compliance & Cookie Consent Banner plugin <= 2.7.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Ngô Thái An in WordPress Plugin GDPR CCPA Compliance Support versions = 2.7.1...
2025 State of SaaS Backup and Recovery Report
The modern workplace has undergone a seismic transformation over recent years, with hybrid work becoming the norm and businesses rapidly adopting cloud-based Software-as-a-Service SaaS applications to facilitate it. SaaS applications like Microsoft 365 and Google Workspace have now become the...
The vulnerability of the Mark-of-the-Web protection mechanism in the 7-Zip compressor allows a hacker to execute arbitrary code in the context of the current user.
The vulnerability of the Mark-of-the-Web protection mechanism in the 7-Zip compressor is related to a breach of the data protection mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary code within the context of the current user...